Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64AF3368FFE111EF8FE3E9AF762E951A.roa
File: 64AF3368FFE111EF8FE3E9AF762E951A.roa (raw, json)
Hash identifier: NRRTKAUzuEBVfig6pRkOkWmCk8XsjrbWXimO4ShnVMc=
Subject key identifier: 1E:22:81:4F:48:67:CD:72:FD:94:0C:44:0E:90:CE:E4:A3:F1:7E:8C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01740D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64AF3368FFE111EF8FE3E9AF762E951A.roa
Signing time: Thu 13 Mar 2025 08:01:39 +0000
ROA not before: Thu 13 Mar 2025 08:01:35 +0000
ROA not after: Sat 19 Apr 2025 08:01:35 +0000
asID: 57043
IP address blocks: 154.199.12.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95245 (0x1740d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 13 08:01:35 2025 GMT
Not After : Apr 19 08:01:35 2025 GMT
Subject: CN=67d290e3-6734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6f:e3:06:78:05:ce:3a:e3:fb:6f:6d:03:7f:
14:43:58:a3:b4:06:c3:ff:dc:60:65:33:6b:a8:da:
ac:af:2d:48:90:28:51:71:d7:95:32:6b:4b:36:69:
13:ed:cb:cb:e3:ca:72:f2:ab:bc:60:10:44:fa:bf:
e3:b0:57:7b:27:63:55:2a:a4:f8:2a:bc:40:0b:5c:
02:a0:7f:28:42:a6:8b:e4:e9:ae:0a:a8:fc:00:ba:
b5:21:b5:3d:20:14:08:cc:16:39:4e:cb:b4:cb:4f:
55:28:3a:68:d2:37:e1:78:0a:65:2f:65:bf:ac:52:
c2:02:66:a4:96:54:7a:a9:0a:cd:06:03:88:bf:44:
5f:a5:12:f5:e1:19:64:a0:9b:0a:98:af:75:3b:a6:
f0:fb:60:c9:24:7a:5b:75:5f:7a:0f:13:4d:d4:8e:
bd:2d:53:b2:e9:6b:6f:78:e1:50:3f:78:84:82:ad:
10:1a:46:9e:37:6c:a0:36:e6:0b:0a:75:b6:5d:52:
6b:f0:2c:4f:d3:71:b3:9c:1f:88:e3:74:37:dc:1d:
d5:af:96:ca:9a:f0:65:c6:c2:6b:62:36:6c:98:65:
e4:61:fe:e9:2c:5a:5a:4e:13:e2:ea:56:b5:0d:db:
c6:84:2d:fe:bf:00:48:df:0f:5e:fd:55:10:bd:50:
20:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:22:81:4F:48:67:CD:72:FD:94:0C:44:0E:90:CE:E4:A3:F1:7E:8C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/64AF3368FFE111EF8FE3E9AF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.12.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:d3:77:4c:28:af:52:85:9c:8c:42:ac:12:6f:e0:a8:b9:58:
1e:80:d7:21:70:8b:8b:51:b9:ce:ad:b6:a5:28:49:15:18:68:
a3:00:ba:3f:d9:fa:59:47:58:91:d3:0e:a5:b6:36:0c:59:28:
b8:32:18:47:90:67:48:7f:08:81:27:73:ac:33:4c:26:d2:dc:
dd:0a:0c:06:8e:90:5e:4a:c7:c9:10:dd:ed:a6:fd:30:ad:5d:
00:65:94:1a:8f:69:be:b4:23:b5:dd:77:b9:1b:35:58:bc:5d:
54:17:ed:58:32:10:e0:7e:0a:9d:07:d9:5e:dc:34:7a:cd:a4:
b2:0f:70:0a:1e:69:d4:1b:67:73:8d:18:ac:b6:76:59:cc:4e:
f2:d0:44:96:66:25:ef:91:eb:88:9a:1d:62:19:8b:c3:23:ec:
b7:d3:fa:df:67:7c:da:ac:2f:54:60:f6:4d:8e:12:af:da:66:
33:72:ea:8d:16:44:95:a0:9d:56:2c:97:f3:36:63:ee:b1:7c:
c0:2c:90:e5:2f:82:f2:bb:96:37:76:d5:44:a9:14:5f:e6:1e:
f5:d4:f5:14:89:2f:40:43:d3:24:3b:c9:30:1f:0d:ef:f3:20:
4f:20:62:1e:b7:78:41:08:15:b1:82:f8:b3:cf:40:28:f0:41:
d8:63:1f:1d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXQNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzEzMDgwMTM1WhcNMjUwNDE5MDgwMTM1WjAYMRYw
FAYDVQQDEw02N2QyOTBlMy02NzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtG/jBngFzjrj+29tA38UQ1ijtAbD/9xgZTNrqNqsry1IkChRcdeVMmtL
NmkT7cvL48py8qu8YBBE+r/jsFd7J2NVKqT4KrxAC1wCoH8oQqaL5OmuCqj8ALq1
IbU9IBQIzBY5Tsu0y09VKDpo0jfheAplL2W/rFLCAmakllR6qQrNBgOIv0RfpRL1
4RlkoJsKmK91O6bw+2DJJHpbdV96DxNN1I69LVOy6WtveOFQP3iEgq0QGkaeN2yg
NuYLCnW2XVJr8CxP03GznB+I43Q33B3Vr5bKmvBlxsJrYjZsmGXkYf7pLFpaThPi
6la1DdvGhC3+vwBI3w9e/VUQvVAggQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFB4i
gU9IZ81y/ZQMRA6QzuSj8X6MMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NEFGMzM2OEZGRTExMUVGOEZFM0U5QUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmscMMA0GCSqGSIb3DQEB
CwUAA4IBAQBq03dMKK9ShZyMQqwSb+CouVgegNchcIuLUbnOrbalKEkVGGijALo/
2fpZR1iR0w6ltjYMWSi4MhhHkGdIfwiBJ3OsM0wm0tzdCgwGjpBeSsfJEN3tpv0w
rV0AZZQaj2m+tCO13Xe5GzVYvF1UF+1YMhDgfgqdB9le3DR6zaSyD3AKHmnUG2dz
jRistnZZzE7y0ESWZiXvkeuImh1iGYvDI+y30/rfZ3zarC9UYPZNjhKv2mYzcuqN
FkSVoJ1WLJfzNmPusXzALJDlL4Lyu5Y3dtVEqRRf5h711PUUiS9AQ9MkO8kwHw3v
8yBPIGIet3hBCBWxgvizz0Ao8EHYYx8d
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:34:44 2025 by rpki-client